General

  • Target

    2b3018d5777c7e8f2c12b479165c15b932437314a0a453ab95856488bdc631b9

  • Size

    692KB

  • Sample

    240820-gqfkkawgqh

  • MD5

    04e61029670f2cf8dffb38ddde9b8211

  • SHA1

    98c7b6f46c4fd82fe60d3afd4f1c58dd394fd5e9

  • SHA256

    2b3018d5777c7e8f2c12b479165c15b932437314a0a453ab95856488bdc631b9

  • SHA512

    ab77a8e032960b5f0b96fc4b6d62e9072450d5aa47a812e02da0c73cea60e94d89bbc84cebe24727711a6bab361dbc81ccba4bfe4bd986cb88a6a72830a1021b

  • SSDEEP

    12288:9D4hoYCc1dgXfwnyYvyo3S+QtrrE31LkfBIUCFDFsdTBYWho3NbkFIfl+5HwNOcm:OprHMfe9l3S/r4oBPrZBYWho3NrflUHf

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ph01

Decoy

23888.sbs

zvcj.sbs

raitpourtrait.net

ibraryfarmclub.online

omputercourses123.live

j88.doctor

atsue-color.click

epitalrentgrup.online

rvvpn.lol

i-signals.tech

cr-phoenix.best

frican-safari.online

c-games.zone

oardetest.online

f4md.shop

uke-saaac.buzz

arze.dev

nvestment-services-49610.bond

izatrip.sbs

ameron-paaaa.buzz

Targets

    • Target

      Shipping doc_pdf.exe

    • Size

      1.1MB

    • MD5

      7a59f7d0673ef800595eca1f5938e581

    • SHA1

      570288fba8fd233aa59ca2e760a0af6c055ad8da

    • SHA256

      557c3a0a4676f650fdd41360c3e9161268c7041359e6139e3e7837d2ae1bad0a

    • SHA512

      f58800a8277dc050b3e3402f438415e607b923b8a1416b6df3a9c815f7506c6a9902f1c97aaf6180f003eb0e2fb710ccb1fb184af8ac97914bd67ad6a811b5a5

    • SSDEEP

      24576:nqDEvCTbMWu7rQYlBQcBiT6rprG8aRqBYQhS9tBfdeHwCjk:nTvC/MTQYxsWR7aRqBHs9tBfdows

    • Formbook

      Formbook is an information-stealing malware family: it logs keystrokes, grabs clipboard contents and browser form submissions and saved credentials, captures screenshots, and exfiltrates the collected data to its C2 over HTTP.

    • Formbook payload

    • Suspicious use of SetThreadContext (the API commonly used to redirect a suspended thread into injected code, as in process hollowing)
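The hashes and decoy domains above are the usable indicators from this report. The following script, added here as an example and not part of the sandbox output, hashes files and matches them against the listed MD5/SHA1/SHA256 values, and checks DNS query names against the decoy list. Several decoys as listed appear to have lost their leading character in extraction (compare "ibraryfarmclub.online" and "omputercourses123.live"), so the domain matcher compares on suffix rather than exact equality; that also catches subdomains. The DNS log format and the sample log lines are constructed for illustration.

```python
import hashlib
import os
from typing import Dict, Iterable, List, Optional, Tuple

# Hashes as listed in this report: the dropper and the extracted Formbook payload.
IOC_HASHES: Dict[str, Dict[str, str]] = {
    "Shipping doc_pdf.exe": {
        "md5": "7a59f7d0673ef800595eca1f5938e581",
        "sha1": "570288fba8fd233aa59ca2e760a0af6c055ad8da",
        "sha256": "557c3a0a4676f650fdd41360c3e9161268c7041359e6139e3e7837d2ae1bad0a",
    },
    "formbook payload": {
        "md5": "04e61029670f2cf8dffb38ddde9b8211",
        "sha1": "98c7b6f46c4fd82fe60d3afd4f1c58dd394fd5e9",
        "sha256": "2b3018d5777c7e8f2c12b479165c15b932437314a0a453ab95856488bdc631b9",
    },
}

# Decoy list exactly as extracted in the report. Some entries look truncated at
# the front, so matching is done on suffix (see match_domain).
DECOY_DOMAINS: List[str] = [
    "23888.sbs", "zvcj.sbs", "raitpourtrait.net", "ibraryfarmclub.online",
    "omputercourses123.live", "j88.doctor", "atsue-color.click",
    "epitalrentgrup.online", "rvvpn.lol", "i-signals.tech", "cr-phoenix.best",
    "frican-safari.online", "c-games.zone", "oardetest.online", "f4md.shop",
    "uke-saaac.buzz", "arze.dev", "nvestment-services-49610.bond",
    "izatrip.sbs", "ameron-paaaa.buzz",
]

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Digest an in-memory blob with every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Digest a file in one pass, feeding all hashers from the same chunks."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def match_hashes(hashes: Dict[str, str]) -> Optional[str]:
    """Return the report label whose known digest equals any supplied digest."""
    for label, known in IOC_HASHES.items():
        for alg, digest in known.items():
            if hashes.get(alg, "").lower() == digest:
                return label
    return None


def scan_directory(root: str) -> List[Tuple[str, str]]:
    """Hash every regular file under root and report IOC hits as (path, label)."""
    hits = []
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            if os.path.isfile(path) and not os.path.islink(path):
                label = match_hashes(hash_file(path))
                if label:
                    hits.append((path, label))
    return hits


def match_domain(query: str) -> Optional[str]:
    """Suffix-match a DNS name against the decoy list.

    Suffix matching covers subdomains and the apparently truncated entries
    ("www.libraryfarmclub.online" ends with "ibraryfarmclub.online").
    """
    name = query.rstrip(".").lower()
    for decoy in DECOY_DOMAINS:
        if name == decoy or name.endswith(decoy):
            return decoy
    return None


def scan_dns_log(lines: Iterable[str]) -> List[Tuple[str, str]]:
    """Constructed log format: '<timestamp> <client> <qtype> <qname>'; qname is last."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) < 4:
            continue
        decoy = match_domain(fields[-1])
        if decoy:
            hits.append((line, decoy))
    return hits


# Constructed sample DNS log lines for illustration.
SAMPLE_DNS_LOG = [
    "2024-08-20T10:15:02Z 10.0.0.12 A www.libraryfarmclub.online",
    "2024-08-20T10:15:03Z 10.0.0.12 A www.microsoft.com",
    "2024-08-20T10:15:04Z 10.0.0.12 A zvcj.sbs.",
    "2024-08-20T10:15:05Z 10.0.0.31 A computercourses123.live",
]

if __name__ == "__main__":
    for line, decoy in scan_dns_log(SAMPLE_DNS_LOG):
        print(f"decoy hit [{decoy}]: {line}")
```

The suffix match trades some false positives (any unrelated name ending in, say, "c-games.zone") for not missing the full domain behind a truncated entry; review hits before blocking. Note that the sandbox labels all twenty names as decoys, so a hit indicates Formbook beaconing behaviour rather than identifying the live C2.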

MITRE ATT&CK Enterprise v15

Tasks